[openssl-dev] [openssl.org #4281] [PATCH] Allow downgrading when reusing sessions on client
cancelling as OP suggests. -- Rich Salz, OpenSSL dev team; rs...@openssl.org ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl.org #4281] [PATCH] Allow downgrading when reusing sessions on client
I closed the first ticket, so everything is okay. If you want to do GitHub pull requests and just open an RT to refer to that, that is also okay. ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl.org #4281] [PATCH] Allow downgrading when reusing sessions on client
Hello Rich, Do I need to submit updated patch separately, or was it ok to attach it to the second email? Thank you, Fedor. On Sat, Jan 30, 2016 at 7:14 PM, Rich Salz via RTwrote: > cancelling as OP suggests. > -- > Rich Salz, OpenSSL dev team; rs...@openssl.org > > ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl.org #4281] [PATCH] Allow downgrading when reusing sessions on client
Hello Rich, Do I need to submit updated patch separately, or was it ok to attach it to the second email? Thank you, Fedor. On Sat, Jan 30, 2016 at 7:14 PM, Rich Salz via RTwrote: > cancelling as OP suggests. > -- > Rich Salz, OpenSSL dev team; rs...@openssl.org > > ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl.org #4281] [PATCH] Allow downgrading when reusing sessions on client
This actually sounds like a lovely idea. See: https://github.com/openssl/openssl/pull/603 Thank you! On Sat, Jan 30, 2016 at 8:16 PM, Salz, Rich via RTwrote: > I closed the first ticket, so everything is okay. > If you want to do GitHub pull requests and just open an RT to refer to > that, that is also okay. > > > ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl.org #4281] [PATCH] Allow downgrading when reusing sessions on client
This actually sounds like a lovely idea. See: https://github.com/openssl/openssl/pull/603 Thank you! On Sat, Jan 30, 2016 at 8:16 PM, Salz, Rich via RTwrote: > I closed the first ticket, so everything is okay. > If you want to do GitHub pull requests and just open an RT to refer to > that, that is also okay. > > > ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4281] [PATCH] Allow downgrading when reusing sessions on client
When connecting to pool of diverse servers (both TLS1.0 and TLS1.2), a following scenario may happen: 1. Connect to TLS1.2 server, receive new session 2. Store this session 3. Attempt to reuse it later when connecting to server 4. Connect to different server from the pool, which speaks only TLS1.0 5. Get `SSL_R_WRONG_VERSION_NUMBER` error Expected behavior would be scrapping off the session, and allowing server to downgrade to supported protocol version the way it would do it if no client session would be supplied. This issue was discovered while working on following node.js bug: https://github.com/nodejs/node/issues/3692 --- ssl/s3_pkt.c | 39 +++ ssl/ssltest.c | 22 +- test/testssl | 6 ++ 3 files changed, 66 insertions(+), 1 deletion(-) -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAABAgAGBQJWrTMxAAoJENcGPM4Zt+iQ+GMQAILay2nyh47kVAv1wV3QBgfw 403IrqpoGqLCklZg0SL7zgce+gfOXMydtqbLbK6wtpFNawLPTkbDvLSVyPyixDwy 56UD+neByBXtIuOSs75qVjmAZcuT5GQMoQlIPrX2zGoaRdJls0w4TCrqcoXTDVlL 4QKbaage+EeymPyadEOKmNX2vZmoLRE+t+cMC5gLAtk7ykpAHMWmEZlwhdryP847 uJA8dI1HjvEDcUJvwSsnZLj/wZSrZcC5+QEVsEba8zlKszFYMalygPBZAneZ6zWT GOp5oqUEEyXMlZB8VCTZcMIdEx79otpOYURYGwxNU0P6reZngc1syfgZQYYGqZ0s ohKcWCvbKgZMfI3Vh/LhKVCho0n2G4Uy0k32vOtotmg3zyQjCaUCHdiiWPSiNYDm BlIunymx2ZvCdIZgy/JnAOE2zXe2Hi9qlw+v6wnNH5xowVQvOf0fOgR/R3qhIdrN 6ZFMDY4Ldq0hOFwplAyQRBJZqnHxA6z43lTr5Uk8mad0kIngciFUjvmaBLpiw0r/ R8FT2uVbpDVHf6HUHGobA4cIWZ4nOYBL/mnOfp81gcG3Sd727dV0/dP0K4nyfbim aaF5VuM2nZWlLTJZnMNZJYDGm7lM1BhkCuniD/t+ycrAHS9cdoT9H/HvcAIBnmMn GrIf2pe3UbMmidg/TAtb =Ci8J -END PGP SIGNATURE- 0001-Allow-downgrading-when-reusing-sessions-on-client.patch Description: Binary data ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev